Package: apache2
Version: 2.4.25-3+deb9u5
Severity: important
Dear Maintainer,
when I reboot my server, most of the time, I then have to manually restart
apache because it seems unable to reliably initialize upon boot.
The problem only occurs since I configured apache to listen on certain
interfaces only, because I have a different server running on port 80+443 on
another IP address.
I have this in my ports.conf:
Listen 109.230.236.95:80
Listen [2a05:bec0:1:1:10a1:5eff:fe52:509]:80
Listen 109.230.236.95:443
Listen [2a05:bec0:1:1:10a1:5eff:fe52:509]:443
It then fails to start, saying
Okt 05 13:19:02 r-passerv.ralfj.de systemd[1]: Starting The Apache HTTP
Server...
Okt 05 13:19:02 r-passerv.ralfj.de apachectl[1003]: (99)Cannot assign
requested address: AH00072: make_sock: could not bind to address
[2a05:bec0:1:1:10a1:5eff:fe52:509]:80
Seems like a boot ordering problem to me. The IPv6 address is assigned via
local autoconfig, and apache starts too early.
I have tried modifying the systemd unit to fix this, to no avail. The
interwebs also say that DAD (duplicate address detection)
could be related, so I set net.ipv6.conf.all.accept_dad=0, again to no avail.
I am now playing with net.ipv6.ip_nonlocal_bind, but ideally the `Listen`
directive would work out-of-the box.
It currently seems to be rather useless for IPv6 addresses.
Kind regards,
Ralf
-- Package-specific info:
-- System Information:
Debian Release: 9.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages apache2 depends on:
ii apache2-bin 2.4.25-3+deb9u5
ii apache2-data 2.4.25-3+deb9u5
ii apache2-utils 2.4.25-3+deb9u5
ii dpkg 1.18.25
ii init-system-helpers 1.48
ii lsb-base 9.20161125
ii mime-support 3.60
ii perl 5.24.1-3+deb9u4
ii procps 2:3.3.12-3+deb9u1
Versions of packages apache2 recommends:
ii ssl-cert 1.0.39
Versions of packages apache2 suggests:
pn apache2-doc <none>
pn apache2-suexec-pristine | apache2-suexec-custom <none>
pn www-browser <none>
Versions of packages apache2-bin depends on:
ii libapr1 1.5.2-5
ii libaprutil1 1.5.4-3
ii libaprutil1-dbd-sqlite3 1.5.4-3
ii libaprutil1-ldap 1.5.4-3
ii libc6 2.24-11+deb9u3
ii libldap-2.4-2 2.4.44+dfsg-5+deb9u2
ii liblua5.2-0 5.2.4-1.1+b2
ii libnghttp2-14 1.18.1-1
ii libpcre3 2:8.39-3
ii libssl1.0.2 1.0.2l-2+deb9u3
ii libxml2 2.9.4+dfsg1-2.2+deb9u2
ii perl 5.24.1-3+deb9u4
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages apache2-bin suggests:
pn apache2-doc <none>
pn apache2-suexec-pristine | apache2-suexec-custom <none>
pn www-browser <none>
Versions of packages apache2 is related to:
ii apache2 2.4.25-3+deb9u5
ii apache2-bin 2.4.25-3+deb9u5
-- Configuration Files:
/etc/apache2/conf-available/other-vhosts-access-log.conf changed:
/etc/apache2/conf-available/security.conf changed:
<Directory /var/www/>
Require all denied
</Directory>
ServerTokens Minor
ServerSignature Off
TraceEnable Off
Header set X-Content-Type-Options: "nosniff"
Header set X-Frame-Options: "sameorigin"
/etc/apache2/ports.conf changed:
Listen 109.230.236.95:80
Listen [2a05:bec0:1:1:10a1:5eff:fe52:509]:80
Listen 109.230.236.95:443
Listen [2a05:bec0:1:1:10a1:5eff:fe52:509]:443
/etc/apache2/sites-available/000-default.conf changed:
<VirtualHost *:80>
Redirect temp / https://www.ralfj.de/
</VirtualHost>
<VirtualHost *:443>
Use SSL letsencrypt/live
Redirect temp / https://www.ralfj.de/
</VirtualHost>
/etc/logrotate.d/apache2 changed:
/var/log/apache2/*.log {
daily
missingok
rotate 7
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if /etc/init.d/apache2 status > /dev/null ; then \
/etc/init.d/apache2 reload > /dev/null; \
fi;
endscript
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
run-parts /etc/logrotate.d/httpd-prerotate; \
fi; \
endscript
}
-- no debconf information
